Distributed management system for security of remote assets

ABSTRACT

A Distributed management system for security of remote assets which provides security for widely distributed assets while at the same time providing great flexibility for a multiplicity of authorized persons without passcodes or personal keys to access multiple assets. The system has great flexibility by separating the lock and Key function and provides complete history of Key-Lock operations of the asset in real time scenario. The system gives a comprehensive solution to the static or mobile asset located at remote location to the owner.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims the benefit of Indian Patent Application No. 4016/CHE/2015, filed Aug. 8, 2015.

STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT

Not Applicable

REFERENCE TO SEQUENCE LISTING, A TABLE, OR A COMPUTER PROGRAM LISTING COMPACT DISK APPENDIX

Not Applicable

TECHNICAL FIELD OF THE INVENTION

The invention relates to a security system for securing assets. More particularly the invention relates to a Distributed management system for security of remote assets with elaborate process of authorization, supervision and managing of remote assets.

BACKGROUND OF THE INVENTION

In the past most ubiquitous technology i.e. ‘Lock and Key’ system through authorized access has been used for securing assets. Assets have been secured by the use of Locks and authorized access is given by placing complete trust on the person to whom a unique Key is provided that can open the Lock. Though the access may be for short duration under specific set of circumstances, handing over the key makes the asset vulnerable to access at all times and for whatever purposes. The problem is compounded when the Asset, whether moving or immobile is ‘remote’ and away from the owner's immediate supervision. There is no assurance to the owner that the lock has NOT been operated upon by someone else either legally with another duplicate key or tampered with illegaly without leaving any evidence to show for it. Further if several persons have to be given access to the same asset and the same person has to access several assets, or both, there is a very complex management of keys, authorizations and records management. Invariably the breach of security occurs due to unscrupulous persons taking advantage of ‘loopholes’ in such a complex process.

In the prior art it is observed that asset is secured with complex locks with/without keys, some have monitoring mechanisms that report the location of the asset as also status of the lock, others have processes for authenticating the key with passcodes comparisons. Thus it is paramount that the security of these assets is not only protected but a process and mechanism needs to be in place that gives the assurance that it is not breached and that security breaches will be detected immediately.

There is a need for the ‘owner’ to have the comprehensive status of all assets at any given time, whether secure, whether open, or by whom it was opened, whether moving on planned routes and so on. There also needs to be recorded history of all operations performed on the lock for analysis and reporting.

BRIEF SUMMARY OF THE INVENTION

The present invention discloses distributed management system for security of remote assets against unauthorized access while at the same time being very effective in providing timely, limited, appropriate access from a centralised control for predetermined purposes to authorized persons.

OBJECTIVES OF THE INVENTION

It is the primary object of this invention to provide an Asset Management System for security of remote assets for appropriate access from a centralised control for predetermined purposes to one or more authorized persons.

Another object of this invention is to provide an Asset Management System that provides high levels of security for widely distributed assets from a centralised control to secure the assets of the owners by themselves or through their authorized persons.

Another object of this invention is to provide an Asset Management System which manages assets which maybe static or mobile, small or big or may have simple rules or complex criteria that enable the access to the assets by authorized persons on the basis of pre-determined authorization.

Another object of this invention is to provide an Asset Management System that provides several authorized persons geographically located at different places to access assets which again maybe geographically distributed through the application of context based rules and criteria that determine the genuineness of the need.

Another object of this invention is to provide an Asset Management System that is flexible enough to operate effectively under different circumstances and available infrastructure by the design of various constituent elements that combine and interact seamlessly with one another on various known communication carriers and protocols such as GPRS, 3G, 4G, SMS, WIFI, Bluetooth, Near field, and CAN.

Another object of this invention is to provide an Asset Management System that detects attempts to breach physical or electronic or software aspects of security of the Asset management System and alerts immediately the concerned persons responsible for the smooth operation of the System.

Another object of this invention is to provide the ‘owners’ or their authorized agents a comprehensive status of all ‘owned’ assets, whether static or mobile or located at any remote place, at any given time through the Asset Management System.

Another object of this invention is to provide an Asset Management System that is so flexible that there is no physical pairing of a ‘Lock’ and a ‘Key’ that operates it on one-on-one basis so that in principle any ‘key’ provided is authorized by the system can operate the ‘Lock’.

Another object of this invention is to provide an Asset Management System that has one key that can potentially open several Locks or one Lock can be opened potentially by several keys in real time which reduces the cost of operations.

Another object of this invention is to provide an Asset Management System that directly interacts with the existing Enterprise Software to provide seamless security to assets that are in transit or at a static location thereby creating a complete technology solution.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWING

The present invention consists of 4 elements namely, Hosted Business management Process Server, running the Asset Management Software, a Smart Mobile phone running a Mobile App, an electronic box called the “key” for convenience and a electromechanical Lock that physically secures and prevents access to an asset. These elements when working together in synchrony constitute the Asset management System and can provide the security services to a owner or an authorized ‘Requester’ for these services.

The present invention will be described in more detail hereinafter with the aid of the description which relates to preferred embodiments of the invention explained with reference to the accompanying schematic drawings, in which:

FIG. 1 explains the flow of interaction between the owner or his authorized agent who defines the details of the Assets to the System; and

FIG. 2 explains the flow of interaction between the requester of the service of securing (locking) or opening the access to the asset and the Server;

FIG. 3 explains the flow of interactions between the requester and the ‘Key’ that controls the Lock operations;

FIG. 4 explains the flow of interactions between the “key” and the ‘Lock’.

In FIG. 1 the User 100 pre-defines the organization's eco system to the Server (200). Definitions regarding the locks, the assets on which fixed, the rules for operation of the lock, the details of authorized persons who can operate the lock, the details of keys which are to be used to operate the lock etc. User also sends request to lock or open the asset when required.

In FIG. 2 Requester is a person who has the immediate need to operate a lock remote or near himself. Requester communicates to the server through a data terminal that could be a mobile phone or a specially designed devise that can communicate over internet with the server. Requester's message (301) consists of request to “open” or “lock” along with his or her identity and the identity of the lock.

The server verifies the lock identity and requester identity and applies the ‘rules’ to check whether the requester can be authorized to operate the specific lock. In response it sends back message (201). Message (201) could be a ‘regret message’ if the rules are not satisfied. Else (201) will confirm the ‘pass code’ and other information to enable the lock to be operated. In some embodiments the requester can directly contact user (100) and get authorization by passing the server.

In FIG. 3 the requester once authorized and provided with the key (400) details by the server enters in to a hand-shake protocol with the key (301, 401). The key verifies whether the key identifier (301) given by the requester matches with its own and whether the requester is one of many authorized requester for this key. Once the hand-shake is established with both sides satisfied with each other identify the key accepts the lock identity and the command that needs to be executed the command and returns the status (401) (locked or opened) after the lock executes the command.

In FIG. 4 the On getting the lock identity and command from the Requester (300) the key (400) has a hand shake with the lock (500) and exchanges its own identity (401) and requests Lock's identity (501). The Lock checks whether the key is one of the keys authorized to open it and the key is verifies whether it is the right lock. Once this is established, the key sends one of the several commands to the Lock (401). Commands could be ‘Status’, ‘Lock’, ‘Open’, ‘Read’. The Lock accepts these commands and executes them and sends back response messages. In case of ‘open lock’, it sends response to say these are done. In case of status it provides the current status of the Lock whether ‘open’ or ‘locked’. In case of ‘Read’ it provides the locks log data of all operation performed date, time, person authorizing, and operation performed.

The above is a typical flow in a sample embodiment. However different variations are possible in different embodiment. For example, ‘the Requester” could directly seek authorization from the “user”.

DETAILED DESCRIPTION OF THE INNOVATION

Distributed management system is for security of remote assets against unauthorized access while at the same time being very effective in providing timely, limited, appropriate access from a centralised Control for predetermined purposes to authorized persons. Further, even authorized operations on the Assets are monitored, recorded and captured for further analysis. The elements combine and interact with one another on various known communication carriers and protocols such as GPRS, 3G, 4G, SMS, WIFI, Bluetooth, near field, and CAN.

The owner or his/her authorized representative has a data terminal, a smart mobile phone or a laptop through which he/she communicates and interacts with the Hosted Business management Process Server. The owner predefines the business processes including the authorized access be given to an authorized user at the remote asset site or permissions to access when requested by an authorized user at the remote asset site. The owner through the hosted business management process server continuously monitors the status of the lock. The hosted business management process server alerts the owner or his authorized representative whenever lock is opened or locked, receives the read history data about lock operations stored in the lock, operates under the instructions of owner or his authorized representative communicates to the lock to store any other information in the lock and also retrieve previously stored information from the lock and display it to the owner upon the request from the owner or his authorized representative. The owner or his authorized representative can revoke authorization of any persons authorized previously.

The Asset Management Application Software has inventory information of all the remote assets, information related to all elements of the management systems such Locks, Keys, mobile phone related Apps, etc to be operated in the real time scenario. The Asset Management Application Software running on the Hosted Business Management Server has set of predefined parameters like date, time, location of the asset, operational history of the asset, and compliance of business transaction information such as payment made, invoices raised, deliveries, orders etc accordingly customizes the security decisions while making real time decisions in allowing or denying access to the remote asset(s) to the authorized representative. The Asset Management Application Software customizes the security decisions for the remote asset or plurality of the remote assets accordingly based on the set of parameters like conditions, rules under which the assets are to be operated, and the circumstances under which different persons are authorized to operate the remote asset(s).

The Asset Management Application Software maintains and provides real time information of all assets and has transaction history of all operations, persons performing the operations on all the assets located anywhere in the world to the owner. The Asset Management Application Software is customized as per the requirement of the owner. The Asset Management Application Software receives the information from the location of the asset and decides to allow or deny access to any Asset anywhere in the world.

The Smart Phone Mobile App is installed in Smart Phone by due authorization process and operated by an authorized person who communicates with the Asset management Application Software. The Smart Phone Mobile App has dynamically generated specific identity and is authorized to operate only on a set of Keys with specific identities and establishes each other's identity. The Asset management Application Software authenticates the Smart Phone Mobile App and authorizes it to operate on the Key for performing operations on the Lock to secure the Asset.

The electronic Key has a unique Key identity number and through its own algorithm generates a real time passcode and verifies whether this matches with the one provided by the Smart Phone Mobile App which in turn either generates real time passcode itself or obtains it from the Server. Upon verification electronic Key acknowledges authorization of Smart Phone Mobile App and is ready to accept commands from it. The electronic Key receives operational commands from the Smart Phone Mobile App like ‘Lock’, ‘Open’, ‘Read data’, ‘Return status’, etc. and authorized person having a Smart Phone with the Smart Phone Mobile App performs those operations on the Lock. The Key is operated by a chargeable battery embedded within it and has its own location tracking capability through a standard GPS device embedded in it.

The electro-mechanical Lock does bolting and securing the door of an asset, such as a warehouse, a truck, trunk, a cupboard, a locker or a vault, etc. The lock can be located anywhere on or inside the door and still perform all the functionality described herein. The Lock can be of any shape and can be embodied as a bolt or a latch or a regular lock with a body and a U shaped bolt which can be slipped through a fixture and locked securely like a conventional lock. The Lock's mechanical assembly is sturdy and flameproof and adapted to secure any enclosed space whose access could be a door, a gate, a container opening, a lever of a truck, a locker or any such device. The Lock has a unique identity. The Key and the Lock establish compatibility through an elaborate identity establishment process before any operations. The Lock generates dynamic code in real time in accordance to the authorization code provided by the Key and compatibility between Lock and Key is established in real time. The Key communicates the instructions of the authorized user to the Lock which interprets and carries out the physical action of opening or closing the Lock like ‘Lock’, ‘Open’, ‘Read data’, ‘Return status’, etc. The Lock physically secures the asset with its locking mechanism and provides access to the asset upon authorization. The Lock stores the transaction detail of all operations carried out by Key at any time and transmits continuously its information like geographical location to the owner and displays the information to the authorized user in the mobile phone upon the authorization of the owner.

The Key is ‘plugged’ or ‘inserted’ physically to the ‘Key-hole’ of the Lock as in all and Lock and Key arrangements. The ‘Key-hole’ can be extended by a cable over a long distance so that the Lock can be secured by ‘inserting’ the Key in the ‘Key-hole’ more conveniently located.

Assets could be Trucks, Tankers, Containers, Warehouses, High security restricted areas, campuses, homes, suitcases, lockers, vaults, prisons, high value equipment, etc. In scenarios such as a moving asset on a vehicle, a single lock can be operated by several Keys and Mobile Apps located at various destinations along its route. These same Keys and Mobile Apps can operate on several different locks fitted on to different vehicles passing through. The Locks can be fitted inside or on the vehicle where convenient and feasible and the Key can be inserted in the Key-hole that can be located anywhere convenient to operate.

Similarly, an unmanned warehouse fitted with a Lock on its main door can be operated by several authorized persons passing by and having their own authorized keys. The same key could be used on several Locks within the warehouse. Also the physical location of the lock can be any place convenient as described above. Also all the locks can be operated by a single key from a single panel where all key-holes could be provided.

A supervisor at a Head Office could monitor the security operations of a fleet of trucks or on several warehouses across the country. In high security offices and campuses, different personnel may be authorized differently for entry to specific areas and may be provided limited access at specific times and under specific circumstances. For example in an emergency, access may be provided to all exits.

In short anything that can be locked and access or use restricted. The distributed nature of the system comprising of simple elements described lends itself to all scenarios above irrespective of the nature, the size and the spread of the assets.

While the present invention has been described in connection with the preferred embodiments of the various figures, it is to be understood that other similar embodiments may be used or modifications or additions may be made to the described embodiment for performing the same function of the present invention without deviating there from. Therefore, the present invention should not be limited to any single embodiment, but rather construed in breadth and scope in accordance with the recitation of the appended claims. 

We claim:
 1. A Distributed management system for security of remote assets comprising of Hosted Business Management Server, a Smart Phone with Smart Phone Mobile App, an electronic key and electromechanical Lock wherein the owner or his/her authorized representative has a data terminal, a smart phone or a laptop through which he/she communicates and interacts with the Hosted Business Management Server; the Hosted Business Management Server containing Asset Management Application Software has inventory information of all the remote assets, maintains information related to all elements of the management systems such Locks, Keys, mobile phone related Apps, etc and operates in the real time scenario; the Asset Management Application Software communicates and authenticates the Smart Phone Mobile App and authorizes it to operate on electronic Key for performing operations on the electromechanical Lock to secure the Asset; electronic Key receives operational commands from the Smart Phone Mobile App and authorized person having a Smart Phone with the Smart Phone Mobile App performs those operations on the electromechanical Lock which interprets and carries out the physical action of opening or closing the Lock; whereby the system provides limited access to authorized persons on a pure need to access basis for entering, operating, unloading, inspecting or for any other purpose thereby securing remote asset during transportation and storage location.
 2. The Hosted Business Management Server of Distributed management system as claimed in claim 1 wherein Hosted Business Management Server continuously monitors the status of all the locks that have been defined to exist under its watch, receives transaction history of the lock and alerts the owner or his authorized representative, communicates the instructions of owner or his authorized representative to the lock and/or is capable of directly and automatically commanding the Lock to lock or open no matter where in the world it is located, depending on predefined rules set for the operation of that lock.
 3. The Hosted Business Management Server containing the Asset Management Application Software of Distributed management system as claimed in claim 1 wherein Asset Management Application Software has set of predefined parameters like date, time, location of the asset, operational history of the asset, and compliance of business transaction information such as payment made, invoices raised, deliveries, orders etc accordingly customizes the security decisions while making real time decisions in allowing or denying access to the remote asset(s) to the authorized representative or while operating the Lock automatically by itself.
 4. The Hosted Business Management Server containing The Asset Management Application Software of Distributed management system as claimed in claims 1 and 3 wherein Asset Management Application Software customizes the security decisions for the remote asset or plurality of the remote assets accordingly based on the set of parameters like conditions, rules under which the assets are to be operated, and the circumstances under which different persons are authorized to operate the remote asset(s).
 5. The Hosted Business Management Server containing The Asset Management Application Software of Distributed management system as claimed in claims 1, 3 and 4 wherein Asset Management Application Software maintains and provides real time information of all assets and has transaction history of all operations, persons performing the operations on all the assets located anywhere in the world to the owner.
 6. The Smart Phone with Smart Phone Mobile App of Distributed management system as claimed in claim 1 wherein Smart Phone Mobile App is installed in Smart Phone by due authorization process of Asset management Application Software and operated by an authorized person who communicates with the Asset management Application Software.
 7. The Smart Phone with Smart Phone Mobile App of Distributed management system as claimed in claim 1 wherein Smart Phone Mobile App has dynamically generated specific identity and is authorized to operate on the electronic Key for performing operations on the Lock to secure the Asset.
 8. The electronic Key of Distributed management system as claimed in claim 1 wherein electronic Key has a unique Key identity number, receives operational commands from the Smart Phone Mobile App and authorized person performs those operational commands on the Lock.
 9. The electromechanical Lock of Distributed management system as claimed in claim 1 wherein Lock has a unique identity, Key and the Lock establish compatibility through an elaborate identity establishment process whereby Key communicates the instructions of the authorized user to the Lock which interprets and carries out the physical action of opening or closing of the door of the asset.
 10. The Distributed management system as claimed in claim 1 can be integrated with the Enterprise software systems and other Enterprise technologies so as to provide a seamless technology solution wherein the assets are automatically locked, controlled and operated. 